CVE-2023-32186 | HIGH | ≥ 0, < 1.24.17 · ≥ 1.25.0, < 1.25.13 (+3 more) | 2023-09-11
CVE-2023-32186 [HIGH] CWE-770 RKE2 supervisor port is vulnerable to unauthenticated remote denial-of-service (DoS) attack via TLS SAN stuffing attack
### Impact
An issue was found in RKE2 where an attacker with network access to RKE2 servers' supervisor port (TCP 9345) can force the TLS server to add entries to the certificate's Subject Alternative Name (SAN) list, through a
ghsa · osv